ISNS Winter 2012
[2 Marks X 10 = 20 Marks]
a. What is threat classification?
c. What is masquerading?
A masquerade is a type of attack where the attacker pretends to be an authorized
user of a system in order to gain access to it or to gain greater privileges than
they are authorized for. A masquerade may be attempted through the use of
stolen logon IDs and passwords, through finding security gaps in programs,
or through bypassing the authentication mechanism. The attempt may come
from within an organization, for example, from an employee; or from an
outside user through some connection to the public network. Weak
authentication provides one of the easiest points of entry for a masquerade,
since it makes it much easier for an attacker to gain access. Once the attacker
has been authorized for entry, they may have full access to the organization's
critical data, and (depending on the privilege level they pretend to have) may
be able to modify and delete software and data, and make changes to network
configuration and routing information.
d. What are the requirements for a digital signature?
To establish these conditions, the content creator must digitally sign the
content by using a signature that satisfies the following criteria:
- The digital signature is valid. A CA that is trusted by the operating
system must sign the digital certificate on which the digital signature is
based.
- The certificate that is associated with the digital signature is not
expired.
- The signing person or organization (known as the publisher) is trusted
by the recipient.
- The certificate associated with the digital signature is issued to the
signing publisher by a reputable CA.
e. Brief about Annual Loss Expectancy?
The annualized loss expectancy (ALE) is the product of the annual rate of
occurrence (ARO) and the single loss expectancy (SLE). It is mathematically
expressed as:
ALE = ARO * SLE
Suppose that an asset is valued at $100,000, and the Exposure Factor (EF)
for this asset is 25%. The single loss expectancy (SLE) then is 25% *
$100,000, or $25,000.
The annualized loss expectancy is the product of the annual rate of
occurrence (ARO) and the single loss expectancy: ALE = ARO * SLE.
For an annual rate of occurrence of one, the annualized loss expectancy is
1 * $25,000, or $25,000.
For an ARO of three, the equation is: ALE = 3 * $25,000. Therefore: ALE
= $75,000.
Q. No. 2
a. Explain the importance of management role in implementing
information security in an organization?
[6 Marks]
Many multinational corporations outsource their non-core projects to other
companies to focus on core processes. The outsourced work is taken over by
companies with the agreement that none of the customers'/clients'
confidential information will be compromised. In recent times, every
organization that has thrown its hat into the ring when it comes to market
The impact scale is organizationally defined (for example, a one to five scale,
with five being the highest impact on project objectives - such as budget,
schedule, or quality).
A qualitative risk analysis will also include the appropriate categorization of
the risks, either source-based or effect-based.
Quantitative Risk Analysis
A quantitative risk analysis is a further analysis of the highest priority risks
during which a numerical or quantitative rating is assigned in order to
develop a probabilistic analysis of the project.
A quantitative analysis:
- quantifies the possible outcomes for the project and assesses the probability
of achieving specific project objectives
Q. No. 3 a. Explain the types of attacks on double DES and triple DES.
[6 Marks]
In this way, each column of the output state of the ShiftRows step is composed
of bytes from each column of the input state. (Rijndael variants with a larger
block size have slightly different offsets.) For a 256-bit block, the first row
is unchanged and the shifting for the second, third and fourth row is 1 byte,
3 bytes and 4 bytes respectively; this change only applies for the Rijndael
cipher when used with a 256-bit block, as AES does not use 256-bit blocks. The
importance of this step is to avoid the columns being linearly independent, in
which case AES degenerates into four independent block ciphers.
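As an added illustration (not part of the original answer), the row rotation described above in Python for both the 4-column AES state and the 8-column 256-bit Rijndael state, with a constructed state whose byte values record their (row, column) origin so that the diffusion across columns can be checked:

```python
# Byte offsets by which rows 0..3 are rotated left, keyed by the number of
# 32-bit columns Nb in the state: 4 for AES (128-bit block), 8 for the
# 256-bit Rijndael block (row offsets 0, 1, 3, 4 as described above).
ROW_OFFSETS = {4: (0, 1, 2, 3), 8: (0, 1, 3, 4)}


def shift_rows(state, nb):
    """state is 4 rows of nb bytes; row r is rotated left by ROW_OFFSETS[nb][r]."""
    return [row[off:] + row[:off] for row, off in zip(state, ROW_OFFSETS[nb])]


def inv_shift_rows(state, nb):
    """Inverse step used in decryption: rotate each row right by the same offset."""
    return [row[nb - off:] + row[:nb - off]
            for row, off in zip(state, ROW_OFFSETS[nb])]


def tagged_state(nb):
    """Constructed sample state: byte value r*16 + c records row r, column c."""
    return [[r * 16 + c for c in range(nb)] for r in range(4)]


def source_columns(shifted, col):
    """Input column each of the four bytes of output column `col` came from,
    decoded from the tags; four distinct values means the column now mixes
    bytes from four different input columns."""
    return [row[col] % 16 for row in shifted]
```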
[Figure: masquerade, a message from B that appears to be from A]
Replay
Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
Modification of messages simply means that some portion of a legitimate
message is altered, or that messages are delayed or reordered, to produce an
unauthorized effect. For example, a message meaning "Allow Suresh to read
confidential file accounts" is modified to mean "Allow Ramesh to read
confidential file accounts"
The denial of service prevents or inhibits the normal use or management of
communications facilities. This attack may have a specific target; for
example, an entity may suppress all messages directed to a particular
destination (e.g., the security audit service). Another form of service denial is
the disruption of an entire network, either by disabling the network or by
overloading it with messages so as to degrade performance.
[Figure: modification of messages; denial of service]
CAESAR CIPHER
This is the earliest known example of a substitution cipher.
Each character of a message is replaced by the character three positions
down in the alphabet.
plaintext: are you ready
ciphertext: DUH BRX UHDGB
If we represent each letter of the alphabet by an integer that
corresponds to its position in the alphabet, the formula for replacing
each character p of the plaintext with a character C of the ciphertext
can be expressed as
C = E( 3, p ) = (p + 3) mod 26
A more general version of this cipher that allows for any degree of shift
would be expressed by
C = E( k, p ) = (p + k) mod 26
The formula for decryption would be
p = D( k, C ) = (C - k) mod 26
In these formulas, k would be the secret key. The symbols E and D
represent encryption and decryption.
PLAYFAIR CIPHER
In the Playfair cipher, you first choose an encryption key. You then enter
the letters of the key in the cells of a 5 x 5 matrix in a left-to-right
fashion starting with the first cell at the top-left corner. You fill the rest
of the cells of the matrix with the remaining letters in alphabetic order.
The letters I and J are assigned the same cell. In the following example,
the key is smythework, which gives the matrix:
s m y t h
e w o r k
a b c d f
g i l n p
q u v x z
Rules
1. Two plaintext letters that fall in the same row of the 5 x 5 matrix are
replaced by the letters to the right of each in the row. The "rightness"
property is to be interpreted circularly in each row, meaning that the
first entry in each row is to the right of the last entry. Therefore, the pair
of letters bf in plaintext will get replaced by CA in ciphertext.
2. Two plaintext letters that fall in the same column are replaced by the
letters just below them in the column. The "belowness" property is to
be considered circular, in the sense that the topmost entry in a column
is below the bottom-most entry. Therefore, the pair ol of plaintext
will get replaced by CV in ciphertext.
3. Otherwise, for each plaintext letter in a pair, replace it with the letter
that is in the same row but in the column of the other letter. Consider
the pair gf of the plaintext. We have g in the fourth row and the first
column, and f in the third row and the fifth column. So we replace g
by the letter in the same row as g but in the column that contains f.
This gives us P as a replacement for g. And we replace f by the
letter in the same row as f but in the column that contains g. That
gives us A as a replacement for f. Therefore, gf gets replaced by
PA.
4. You must drop any duplicates in a key.
5. Before the substitution rules are applied, you must insert a chosen
filler letter (let's say it is x) between any repeating letters in the
plaintext. So a plaintext word such as hurray becomes hurxray.
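Added worked example (not part of the original answer): the five Playfair rules above implemented in Python. The table for the key smythework is built by the procedure described, the pairs bf, ol and gf from rules 1 to 3 serve as checks, and the filler x is inserted as rule 5 says; padding a final odd letter with x is an assumption, since the answer does not say what to do with it.

```python
import string

FILLER = "x"  # filler letter from rule 5


def build_table(key):
    """5 x 5 square: key letters first (duplicates dropped, rule 4), then the
    remaining letters in alphabetic order; i and j share one cell."""
    seen = []
    for ch in key.lower() + string.ascii_lowercase:
        ch = "i" if ch == "j" else ch
        if ch.isalpha() and ch not in seen:
            seen.append(ch)
    return [seen[r * 5:(r + 1) * 5] for r in range(5)]


def locate(table, ch):
    for r, row in enumerate(table):
        if ch in row:
            return r, row.index(ch)
    raise ValueError("not a table letter: %r" % ch)


def prepare(text):
    """Rule 5: put the filler between repeated letters; then pad to an even
    length with the filler (assumption, see lead-in)."""
    out = []
    for c in (("i" if c == "j" else c) for c in text.lower() if c.isalpha()):
        if out and out[-1] == c:
            out.append(FILLER)
        out.append(c)
    if len(out) % 2:
        out.append(FILLER)
    return "".join(out)


def substitute_pair(table, a, b, step):
    """step=+1 encrypts (right / below), step=-1 decrypts (left / above)."""
    ra, ca = locate(table, a)
    rb, cb = locate(table, b)
    if ra == rb:   # rule 1: same row, circular shift along the row
        return table[ra][(ca + step) % 5] + table[rb][(cb + step) % 5]
    if ca == cb:   # rule 2: same column, circular shift down the column
        return table[(ra + step) % 5][ca] + table[(rb + step) % 5][cb]
    return table[ra][cb] + table[rb][ca]   # rule 3: swap the columns


def playfair(key, text, decrypt=False):
    table = build_table(key)
    step = -1 if decrypt else 1
    msg = text.lower() if decrypt else prepare(text)
    pairs = [msg[i:i + 2] for i in range(0, len(msg), 2)]
    out = "".join(substitute_pair(table, a, b, step) for a, b in pairs)
    return out.lower() if decrypt else out.upper()
```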
THE HILL CIPHER
The Hill cipher takes a very different (more mathematical) approach to
multi-letter substitution. You assign an integer to each letter of the alphabet.
For the sake of discussion, let's say that you have assigned the integers 0
through 25 to the letters a through z of the plaintext.
The encryption key, call it K, consists of a 3 x 3 matrix of integers:
K = [ k11 k12 k13 ]
    [ k21 k22 k23 ]
    [ k31 k32 k33 ]
Now we can transform three letters at a time from plaintext, the letters being
represented by the numbers p1, p2, and p3, into three ciphertext letters c1, c2,
and c3 in their numerical representations by
c1 = ( k11p1 + k12p2 + k13p3 ) mod 26
c2 = ( k21p1 + k22p2 + k23p3 ) mod 26
c3 = ( k31p1 + k32p2 + k33p3 ) mod 26
The above set of linear equations can be written more compactly in the
following vector-matrix form:
C = K P mod 26
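Added example (not from the original answer): the 3 x 3 Hill encryption C = K P mod 26 above in Python, extended with decryption, which the answer does not cover. Decryption needs K to have a determinant that is invertible mod 26 and uses K^-1 mod 26 computed from the adjugate; the key matrix and the padding letter x are constructed sample values.

```python
import string

ALPHA = string.ascii_lowercase
M = 26   # modulus: letters a..z are the integers 0..25


def minor(k, i, j):
    """Determinant of the 2 x 2 matrix left after deleting row i and column j."""
    r1, r2 = [r for r in range(3) if r != i]
    c1, c2 = [c for c in range(3) if c != j]
    return k[r1][c1] * k[r2][c2] - k[r1][c2] * k[r2][c1]


def det3(k):
    return sum((-1) ** j * k[0][j] * minor(k, 0, j) for j in range(3))


def inverse_key(k):
    """K^-1 mod 26 = det(K)^-1 * adj(K) mod 26. pow() raises ValueError when
    gcd(det, 26) != 1, i.e. the key has no inverse and cannot be decrypted
    (needs Python 3.8+ for the modular inverse)."""
    d_inv = pow(det3(k) % M, -1, M)
    return [[(d_inv * (-1) ** (i + j) * minor(k, j, i)) % M for j in range(3)]
            for i in range(3)]


def hill_encrypt(k, text, pad="x"):
    """c = K p mod 26, three letters at a time; pads the last block with x."""
    p = [ALPHA.index(ch) for ch in text.lower() if ch in ALPHA]
    while len(p) % 3:
        p.append(ALPHA.index(pad))
    out = []
    for i in range(0, len(p), 3):
        block = p[i:i + 3]
        for row in k:
            out.append(ALPHA[sum(kij * pj for kij, pj in zip(row, block)) % M])
    return "".join(out).upper()


def hill_decrypt(k, text):
    """p = K^-1 c mod 26: decryption is encryption with the inverse key."""
    return hill_encrypt(inverse_key(k), text).lower()


# Constructed sample key: det(K) = 441, 441 mod 26 = 25, and 25 * 25 = 1 mod 26.
K = [[6, 24, 1],
     [13, 16, 10],
     [20, 17, 15]]
```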
[6 Marks]
Key Distribution
One problem with the simple protocol described in the preceding section is
that it does not explain how or where Alice and Bob get a secret key to use in
their communications with each other. If they are people, Alice and Bob can
meet, perhaps in an alley, and agree on a secret key. But if Alice is a client
program that is running on a workstation and Bob is a service that is running
on a computer somewhere across the network, that method does not work.
There is the further problem that the client, Alice, might want to talk to many
services and will need keys for each of them. Likewise, the service, Bob,
might talk to many clients and will need keys for each of them. If each client
needs a key for every service and each service needs a key for every client,
key distribution can quickly become a difficult problem to solve. The need to
store and protect so many keys on so many computers presents an enormous
security risk.
The name Kerberos suggests how the protocol resolves the problem of key
distribution. Kerberos (also known as Cerberus) was a figure in classical
Greek mythology, a three-headed dog who kept living intruders from entering
the underworld. Like the mythical guard dog, the protocol has three heads,
which in this case are a client, a server, and a trusted third party that mediates
between the client and server. The trusted intermediary in the protocol is
known as the Key Distribution Center (KDC).
The KDC is a service that runs on a physically secure server. It maintains a
database with account information for all security principals in its realm,
the protocol's equivalent of a Windows 2000 domain. Along with other
information about each security principal, the KDC stores a cryptographic
key known only to the security principal and the KDC. This key is used in
exchanges between the security principal and the KDC and is known as
a long-term key. In most implementations of the protocol, the long-term key
is derived from a user's logon password.
When a client wants to talk to a server, the client sends a request to the KDC,
and the KDC distributes a unique session key for the two parties to use when
they authenticate each other, as illustrated in Figure 11.2. The server's copy of
the session key is encrypted in the server's long-term key. The client's copy of
the session key is encrypted in the client's long-term key.
extract the session key. When the server no longer needs the session key, it
can discard it.
Another benefit of using session tickets is that the client does not have to go
back to the KDC each time it wants access to a particular server. Session
tickets can be reused. As a precaution against the possibility that someone
might steal a copy of a ticket, session tickets have an expiration time that is
specified by the KDC in the ticket's data structure. How long a session ticket
is valid depends on the Kerberos policy for the domain. Tickets usually are
good for no longer than eight hours, about the length of a normal logon
session. When the user logs off, the credentials cache is flushed and all
session tickets as well as all session keys are destroyed.
b. Explain the difference between passive attacks and active attacks [4
Marks]
Passive Attack: A passive attack attempts to learn information but does not
affect resources. In this type of attack the transmitted information is
monitored. Passive attacks are of two types:
Release of message contents is easily understood. A telephone conversation,
an electronic mail message, and a transferred file may contain sensitive or
confidential information. Here we want to prevent an opponent from learning
this type of information.
The second type of passive attack is traffic analysis. In this type, masking of
the message has occurred so that the opponent cannot read the transmitted
message. The common technique used for masking is encryption of the plain
message into some unreadable form.
ACTIVE ATTACK: Active Attacks involve some modification of the data
stream or the creation of a false stream and can be subdivided into four
categories: masquerade, replay, modification of messages and denial of
service.
A masquerade occurs when one entity pretends to be a different entity. A
masquerade attack usually includes one of the other forms of active attack.
Replay involves the passive capture of a data unit and its subsequent
retransmission to produce an unauthorized effect.
Modification of message includes the altering of a message.
The denial of service prevents the normal use or management of
communications facilities. This attack may have a specific target.
A passive attack is one in which the intruder eavesdrops but does not modify
the message stream in any way. An active attack is one in which the intruder
may transmit messages, replay old messages, modify messages in transit, or
delete selected messages from the wire. A typical active attack is one in
which an intruder impersonates one end of the conversation, or acts as a
man-in-the-middle.
Q. No. 7 a. Describe the steps in the creation of a digital certificate.
[5 Marks]
Hence, risk tolerance is finally a matter of choice for the organization, but
such choices should always be made wisely and based on the circumstances
faced at a given time (e.g. it may be a tolerable risk now, but is this going to
be the case 6 or 12 months from now?).